Re: changing existing local user flag "never expires"
From: Richard Mueller [MVP] (rlmueller-NOSPAM_at_ameritech.NOSPAM.net)
Date: 11/30/04
- Next message: Scott Fenstermacher: "Re: How can I get computer name"
- Previous message: Richard Mueller [MVP]: "Re: ADODB.Recordset: Operation is not allowed when the object is closed"
- In reply to: Christian Goldmann: "changing existing local user flag "never expires""
- Next in thread: Christian Goldmann: "Re: changing existing local user flag "never expires""
- Reply: Christian Goldmann: "Re: changing existing local user flag "never expires""
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 30 Nov 2004 09:25:55 -0600
Hi,
In the first script, ADS_UF_DONT_EXPIRE_PASSWD is not defined. Otherwise the
Or operation means the bit is set, so if the constant were defined, it would
set the flag "password never expires". In the second script, the And
operation tests if the bit is set. A non-zero result means that the flag is
set. So, when the flag is set, you Xor the attribute with the bit mask,
which toggles it, which means that the script results in the flag not being
set.
I would prefer to test first, then if the flag is not set, use Or to set the
flag:
Const ADS_UF_DONT_EXPIRE_PASSWD = &H10000
Set objUser = GetObject("WinNT://image/trulli,user")
lngFlags = objUser.Get("userFlags")
If (lngFlags And ADS_UF_DONT_EXPIRE_PASSWD) = 0 Then
lngFlags = lngFlags Or ADS_UF_DONT_EXPIRE_PASSWD
objUser.Put "userFlags", lngFlags
objUser.SetInfo
End If
This assumes you have the correct binding string for the user. Remember "Or"
sets a bit, "Xor" toggles a bit (the only way to turn a bit off), "And"
tests a bit. When you "And", a non-zero result means the bit is set, a zero
result means the bit is not set. In VBScript you must define the constants.
-- Richard Microsoft MVP Scripting and ADSI Hilltop Lab web site - http://www.rlmueller.net -- "Christian Goldmann" <derduron@web.de> wrote in message news:39f7148c.0411300550.21148f97@posting.google.com... > Hello > > I'm searching for a usable script to change the flag "password never > expires" on two local users. > > No domain, no OU, or so - simple local accounts. > > System is Windows XP Prof SP2 > > I found two scripts - no one seems to work for me. > Script 1: > Set objUser = GetObject("WinNT://image/trulli") > objUserFlags = objUser.Get("UserFlags") > objPasswordExpirationFlag = objUserFlags OR ADS_UF_DONT_EXPIRE_PASSWD > objUser.Put "userFlags", objPasswordExpirationFlag > objUser.SetInfo > > > > Script 2: > Const ADS_UF_DONT_EXPIRE_PASSWD = &H10000 > Set objUser = GetObject("WinNT://image/trulli,user") > lngFlags = objUser.Get("userFlags") > If (lngFlags And ADS_UF_DONT_EXPIRE_PASSWD) <> 0 Then > lngFlags = lngFlags Xor ADS_UF_DONT_EXPIRE_PASSWD > objUser.Put "userFlags", lngFlags > objUser.SetInfo > End If > > > > Both scripts runs on doubleclick without error, but the flag seems not > been set. > System/User/Properties.... is the flag unchecked after the scripts. > > What can i do? > > Greetings > Chris
- Next message: Scott Fenstermacher: "Re: How can I get computer name"
- Previous message: Richard Mueller [MVP]: "Re: ADODB.Recordset: Operation is not allowed when the object is closed"
- In reply to: Christian Goldmann: "changing existing local user flag "never expires""
- Next in thread: Christian Goldmann: "Re: changing existing local user flag "never expires""
- Reply: Christian Goldmann: "Re: changing existing local user flag "never expires""
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
